The popularization of a network referred to as the Internet in recent years has been leading to frequent utilization of the Internet as a network for distributing a variety of digital contents in the form of mainly computer files. In addition, the popularization of a broad-band communication network such as the xDSL (x Digital Subscriber Line), the CATV (Cable TV) and a radio network is also bringing about a prepared state of a mechanism capable of distributing music data, picture data and digital data including electronic print-outs as well as rich contents such as moving pictures to users without stress.
On the other side of the coin, a distributed content is digital data, which can be subjected to illegal operations such as copying and interpolation with ease. In addition, the illegal operations such as operations to copy and interpolate contents are carried out frequently nowadays. Thus, the illegal operations are a main cause of damaging profits of digital-content vendors. As a result, a vicious cycle occurs as an economical phenomenon in which the prices of the contents must be raised but high prices of digital contents are inevitably a popularization barrier, which requires that the prices be increased further.
For example, in recent years, technologies such as the computer and network technologies have been deeply penetrating ordinary homes. A variety of home information appliances at a home is connected to each other through a home network. Examples of the home information appliances are information apparatus such as personal computers and PDAs (Personal Digital Assistants) as well as television receivers and video reproduction apparatus. In addition, in many cases, such a home network is also connected through a router to an external wide-area network represented mainly by the Internet. First of all, a content acquired legally from an external server on the Internet is stored in an internal server provided at a home as a server connected to the home network. The internal server provided at a home as a server connected to the home network is referred to hereafter as a home server. Then, the content is distributed to another terminal provided at the home by way of the home network. The other terminal provided at the home is referred to as a client.
A copyright law protects a content as a copyrighted work against illegal use such as copying and interpolation of the content. On the other hand, the copyright law allows an authorized user of a copyrighted work to copy the work for the purpose of using the copy privately or the purpose of using the copy within a limited domain conforming to private use, use at a home or other similar use. For details, refer to Article 30 of the copyright law.
When the range of the private use is applied to the home network described above, a client terminal connected to the home network is assumed to be a terminal used privately or used in the domain of the home. Thus, one generally considers that a content acquired legally in the home server can be used with a high degree of freedom by any terminal connected to the home server. Of course, it is necessary to limit the number of terminals allowed to receive a content to a predetermined value.
It is difficult, nevertheless, to utilize the contemporary technology to determine whether a terminal logged in to the home network uses a content in the domain of private use.
Assume for example that the home network is connected to an external network through a router in a connection based on an IP protocol. In this case, for the home network, it is difficult to clearly determine the actual location of a client making an access to the home server. If the home server provides a content to a remote or external terminal making an access to the content, the utilization of the content becomes all but unrestricted. The unrestricted utilization of the content is equivalent to a state of giving no protection to the copyright for the content. As a result, the author of the content loses the eagerness to create further contents.
In addition, if the home server uniformly allows all client terminals connected to the home network to utilize a content, a client terminal may log in to a plurality of home networks at different times so that contents can be utilized all but exhaustedly.
If severe restriction is applied to client terminals, on the other hand, the user can no longer surely enjoy content private utilization, which is naturally allowed by the copyright law. As a result, the user cannot receive contents well. In such a situation, the utilization of services provided by the home server to distribute contents are obstructed so that the content-business development itself is hindered.
Looking at the fact that the user normally purchasing a copyrighted work is allowed to utilize the work with a high degree of freedom, for example, the user may utilize information acquired from the network by copying the information. In this case, there has been proposed a method of easily obtaining understanding from a person holding the copyright of a content. For details of the method, refer to Japanese Patent Laid-open No. 2002-73861. However, the method classifies users in accordance with levels of relations between the users and owners of copyrights of information and the information is distributed by adoption of a distribution method, which varies in dependence on the levels of relations. Thus, the proposed method is not a method to determine how far the domain of the private use covers locations in the network.
As a protocol serving as the base of a home network nowadays, for example, a UPnP (a trademark) is known. In accordance with the UPnP, a network can be constructed with ease without carrying out complicated operations, and a service of providing contents to users can be rendered without carrying out cumbersome operations and with no settings between apparatus connected to the network. In addition, the UPnP has merits that the protocol is independent of the OS (Operating System) and an apparatus can be added with ease.
In the UPnP, a definition file prescribed in an XML (extensible Markup Language) format is exchanged between apparatus connected to the network in order for the apparatus to authenticate each other. An outline of pieces of processing for the UPnP is explained as follows.    (1): Addressing processing: A device ID used for identifying a device itself is acquired. An example of the device ID of an apparatus is an IP address assigned to the apparatus.    (2): Discovery processing: The network is searched for devices (apparatus) and information included in a response received from every device is acquired. Examples of the information are a device type and device functions.    (3): Service request processing: On the basis of the information acquired in the discovery processing, every device is requested to render a service.
By execution of such a processing procedure, a service applying an apparatus (device) connected to the network can be provided and received. An apparatus newly connected to the network acquires a device ID by carrying out the addressing processing and acquires information on other devices connected to the network by carrying out the discovery processing. Thus, a request for a service can be made.
A content stored in the home server can be accessed by another apparatus connected to the home network. For example, an apparatus executing the UPnP is capable of acquiring a content. If the content is video or audio data, as an apparatus connected to the home network, a TV, a player or the like is capable of acquiring the movie or the music to be enjoyed by the user.
Even for an apparatus connected to the home network, however, it is necessary to consider a measure for coping with illegal accesses to contents. This is because the contents stored in the home server can be contents requiring management of copyrights. Examples of such contents are a private content and a pay content.
An access made by an apparatus of a user owning a license or a right to utilize a content as an access to the content is naturally permitted. In an environment of a home network connected to an external network through a home router, however, it is quite within the bounds of possibility that a user having no license is capable of entering the home network.
In order to get rid of an illegal access, for example, a home server keeps a list of clients each allowed to make an access to the server. Every time a client makes an access to the home server, the client is collated with those on the list. In this way, an access made by a client not on the list can be rejected.
MAC (Media Access Control) address filtering is known as a typical technique to get rid of an illegal access. A MAC address is a physical address assigned to every communication apparatus as an address unique to the apparatus. A list of MAC addresses of apparatus allowed to make accesses to a home network is created as a list used in the MAC address filtering. In accordance with the MAC address filtering, a list of MAC addresses of apparatus allowed to make accesses to a home network is stored in a rooter or a gateway in advance. The rooter or the gateway separates an internal network (or a sub-network) such as the home network from an external network. Then, when a packet representing an access is received, a MAC address included in the packet is compared with MAC addresses put on the list. An access made by an apparatus having a MAC address not registered on the list in advance is turned down. It is to be noted that a technology of this type is described in documents such as Japanese Patent Laid-open No. Hei 10-271154.
In order to carry out a process to register MAC addresses for restricting accesses, however, it is necessary for an operator to obtain MAC addresses of all apparatus connected to the network and enter the addresses to be registered on a list. In addition, typically, every MAC address has a size of 48 bits. For a general user, such a process is a burden. Thus, it is not practical to request the user to create a list of MAC addresses and store the list in a memory.
A process to add a new apparatus to a home network is carried out frequently. If the user must obtain the MAC address of a new apparatus each time a process to add the new apparatus to a home network is carried out, the easiness to construct the network is obstructed.
On the other side, with the popularization of the network such as the radio LAN, an apparatus having a communication function is capable of intruding into the radio LAN from the outside of the LAN with ease. In the environment of such a network, an illegal access to an apparatus connected to the network can be made more easily and, in addition, it is more and more quite within the bounds of possibility that illegitimate processes such as exploitation of secret information obtained through an illegal access and an illegal operation to fetch a content are carried out. In such a situation, there is raised a demand for easy implementation of a configuration for controlling accesses without causing a load to be borne by the general user.